Google has won a lawsuit against two Russian citizens in connection with the operation of a botnet called Gluptebathe company said last week.
The US District Court for the Southern District of New York imposed monetary sanctions against the defendants and their US-based legal counsel. The defendants have also been asked to pay Google’s legal fees. The defendants’ move to press for sanctions against Google was rejected.
The development comes nearly a year after the tech giant took down the malware’s command-and-control infrastructure and initiated legal proceedings against Dmitry Starovikov and Alexander Filippovwho is said to have been responsible for the operation of the illegal botnet.
The defendants, along with 15 others, have also been accused of using malware to create a hacked network of devices to mine cryptocurrencies, harvest victims’ personal and financial data, and place intrusive ads.
Gluteba differs from its botnet counterparts in its use of cryptocurrency blockchains as a command-and-control mechanism to resist disruption. Per Google, the botnet infected approximately more than one million Windows computers worldwide.
“Glutteba malware […] asks infected computers to look for the addresses of the C2 servers by referencing transactions associated with specific accounts on the Bitcoin blockchain,” the court order said.
Starovikov and Filippov, who claim to have worked for a company called Valtron LLC as software engineers, have been charged with attempting to intentionally mislead the court while acting with intent to deprive Google of discoverable information.
A settlement demand filed on September 8 shows that the actors requested $1 million each from Google, in addition to $110,000 in legal fees, in exchange for providing the private keys to Bitcoin addresses linked to the Glupteba botnet.
However, the Mountain View-based company rejected the offer, calling it “extortionate,” and reported it to the police.
But in a conflicting statement, the defendants backtracked on their earlier position a week later on September 15, claiming that “they had no such information in their possession and that the Bitcoin accounts were owned by Valtron’s CEO.”
“It is now clear that the defendants appeared in this court not to proceed in good faith to defend themselves against Google’s claims, but with the intent to abuse the court system and discovery rules to reap a profit from Google,” said District Judge Denise L. Cote.